Nigel Hawthorn, Vice-President of Channels at Blue Coat Systems, explains how resellers can equip customers to handle the security risks associated with HTTPS traffic.
In the security industry, accusations of scare-mongering are sometimes well justified, but so far there has been a lack of communication about the threats posed by HTTPS (HTTP over SSL) traffic.
SSL communications form a significant and sharply growing percentage of corporate Internet traffic. The majority of this traffic comprises business-critical applications now outsourced on the Internet, such as customer relationship management sites, travel booking and expense management. But the amount of HTTPS traffic is growing and not all of it is business traffic, introducing a critical problem for the enterprise. SSL traffic eludes inspection or control by the organisation, creating a unique internal 'blind spot' for security threats and an open door for rogue applications not sanctioned by company policy.
Travelling unmonitored and unchecked through the firewall's fully open port 443, threat traffic has formed a new highway for enterprise vulnerability. Examples include spyware, viruses coming in via HTTPS web-email, phishing sites, secured anonymisers that allow users to access inappropriate content, and HTTPS peer-to-peer traffic.
Resellers and VARs would do well to recognise the opportunity to play a valuable educational role both in improving customer awareness of the threat and in equipping customers to handle these traffic types more effectively. They can show organisations how to stop malware from infiltrating the enterprise network through encrypted tunnels. They can work to deny threats from secured phishing attempts that now utilise SSL explicitly as a cloaking mechanism. They can also demonstrate to customers how to govern the encrypted applications that the organisation will allow to communicate externally.
Since much of SSL traffic is business-critical, companies cannot afford any performance degradation due to inspection. Rather than degrade performance, it is possible to boost SSL-encrypted application performance by as much as ten times through the use of object pipelining and caching technology.
Organisations already alert to the 'riddle' of port 443 will appreciate the need to have the same level of visibility and control of SSL traffic as they currently enjoy with non-encrypted HTTP traffic. With SSL usage rising rapidly and security threats proliferating, resellers can demonstrate their dedication to customer care by stepping in to fulfil this need.